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WHAT IS CLAIMED IS: 

1. Ftor use in a wireless network comprising a plurality of 

2 / base stations , each of said base stations capable of communicating 

3 with a plurality of mobile stations, a security device capable of 

4 preventing ap unprovisioned one of said plurality of mobile 

5 stations from accessing an Internet protocol (IP) data network 

6 through said wireless network, said security device comprising: 

7 a fkrst controller capable of receiving from said 
9 unprovisioned jpobile station an IP data packet comprising an IP 
j£ packet header And an IP packet payload and encrypting at least a 
Lj8- portion of said\lP packet payload. 

^~ 

% 2. The security device set forth in Claim 1 wherein said 



% first controller tLs disposed in at least one of said plurality of 

y j \ 

%f base stations. ^ 

\ 

1 3 . The security device set forth in Claim 1 wherein said 

2 first controller is\disposed in at least one of a mobile switching 

3 center and an interviorking function of said wireless network. 
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1 4. The seaurity device set forth in Claim 1 further 

2 comprising a seconp controller capable of determining that said 

3 unprovisioned mobile station is unprovisioned. 



1 5. The security device set forth in Claim 1 wherein said 

2 second controller determines that said unprovisioned mobile station 

3 is unprovisioned if said unprovisioned mobile station is unable to 

4 authenticate to said wireless network. 

\ 

\ 



i* 6. The security televice set forth in Claim 1 wherein said 

2\ second controller determines that said unprovisioned mobile station 
is unprovisioned according to a predetermined telephone number 
associated with a service provisioning process selected by said 
5^ unprovisioned mobile station. 



¥ J 7. The security device set forth in Claim 1 wherein said 

2 second controller determinesi that said unprovisioned mobile station 

3 is unprovisioned according to data retrieved from a home location 

4 register associated with saiq wireless network. 
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1 8. The security device set forth in Claim 1 wherein said 

2 first controller\comprises a data processor capable of executing an 

3 encryption program stored in a memory associated with said data 

4 processor. \ 
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1 9. A wineless network comprising: 

2 a plurality of base stations, each of said base stations 

3 capable of communicating with a plurality of mobile stations; and 

4 a security device capable of preventing an unprovisioned 

5 one of said plurality of mobile stations from accessing an Internet 

6 protocol (IP) data network through said wireless network, said 

7 security device comprising: 

8 a first controller capable of receiving from said 
IS unprovisioned mobile station an IP data packet comprising 

l4£ an IP packet header and an IP packet payload and 

lttl encrypting at least a portion of said IP packet payload. 

m \ 

m \ 

1 10. The wireless vnetwork set forth in Claim 9 wherein said 

\ 

2=^ first controller is disptosed in at least one of said plurality of 

U ^ 

§^ base stations. \ 

yj \ 

yi \ 

1 11. The wireless nenwork set forth in Claim 9 wherein said 

2 first controller is disposep in at least one of a mobile switching 

3 center and an interworking function of said wireless network. 
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1 12 . The wireless network set forth in Claim 9 further 

2 comprising a second controller capable of determining that said 

3 unprovisioned mobille station is unprovisioned. 

1 13 . The wireless network set forth in Claim 9 wherein said 

2 second controller determines that said unprovisioned mobile station 

3 is unprovisioned if Waid unprovisioned mobile station is unable to 

4 authenticate to said\ wireless network. 

3t™ 14. The wireless network set forth in Claim 9 wherein said 

fM second controller determines that said unprovisioned mobile station 

fr is unprovisioned according to a predetermined telephone number 

4 associated with a service provisioning process selected by said 

5; unprovisioned mobile station. 

\ 

l 1 - 15. The wireless network set forth in Claim 9 wherein said 

2 second controller determines that said unprovisioned mobile station 

3 is unprovisioned according to data retrieved from a home location 

4 register associated with s^Ld wireless network. 
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1 16. The witreless network set forth in Claim 9 wherein said 

2 first controller comprises a data processor capable of executing an 

3 encryption program stored in a memory associated with said data 

4 processor. 1 
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N 

use in a wireless network comprising a plurality of 
, each of the base stations capable of communicating 



17. For 
base stations 



with a plurality of mobile stations, a method of preventing an 



unprovisionec 
accessing an 



one of the plurality of mobile stations from 
Internet protocol (IP) data network through the 
wireless network, the method comprising the steps of: 

receiving from the unprovisioned mobile station an IP 
comprising an IP packet header and an IP packet 



data packet 
payload; 

det 

unprovisionec. 

enc 

18. The 
determining 
unprovisioned 



ermining that the unprovisioned mobile station is 



; and 

typti 



ng at least a portion of the IP packet payload. 



method set forth in Claim 17 wherein the step of 
comprises the step of determining that the 
mobile station is unable to authenticate to the 



wireless network. 
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19. The method set forth in Claim 17 wherein the step of 
determining comprises the step of determining that the 
unprovisioned mopile station selected a predetermined telephone 
number associated with a service provisioning process. 

20. The method set forth in Claim 17 wherein the step of 
determining that the unprovisioned mobile station is unprovisioned 
comprises the step or examining data retrieved from a home location 
register associated with the wireless network. 



